For me checking in a npm-shrinkwrap.json gives all of the advantages of checking node_modules into git, with none of the drawbacks. That's my preferred solution.
On Wednesday, December 26, 2012 7:05:45 PM UTC-5, José F. Romaniello wrote: > > Hi all, I have read few times that is better to checking the dependencies > folder into git when you are working on a project that must be deployed, it > seems that this makes testing and maintainance easier. So, the advice seems > "be flexible with the dependencies for libraries, and very strict for > projects". > > For me the pros are: > - dont have to blindly trust the correct use of semver from the package > owner > - make sure everyone has the same versions > - probabily faster to deploy, since npm install will do nothing > > The bigger cons I see is that i dont like something in GIT that can be > auto-generated. It will happen almost for sure that someone will commit a > change in the package.json updating the version of the dependency and > forget about the node_modules or vicecersa. It will be easy to notice if it > breacks a test but not sure who wants to be dealing with that after all... > > Thoughts? experiences? > > > Thanks! > -- Job Board: http://jobs.nodejs.org/ Posting guidelines: https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines You received this message because you are subscribed to the Google Groups "nodejs" group. To post to this group, send email to nodejs@googlegroups.com To unsubscribe from this group, send email to nodejs+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/nodejs?hl=en?hl=en